Gitiles
Code Review Sign In
spfactory.storpool.com / devstack / 00da58a0da77e168b8fe01e8909e5f2f8815172e^! / . / lib / keystone
commit00da58a0da77e168b8fe01e8909e5f2f8815172e[log] [tgz]
authorJulien Vey <julien.vey@numergy.com>Tue May 27 15:51:49 2014 +0200
committerJulien Vey <vey.julien@gmail.com>Tue Jun 24 10:09:08 2014 +0200
treeee1df48d86a1eedf6bd04dcfe85eb7d62ee69403
parent4fcda870e65db81fc643fee799730cadd69441bb [diff] [blame]
Add an environment variable to enable extensions in keystone

Following https://review.openstack.org/#/c/44401/3

Change-Id: I8e0391cd68e29e6d57c0f35517bf4155110861c7
Closes-Bug: #1218733
Co-Authored-By: Yong Sheng Gong <gongysh@unitedstack.com>

diff --git a/lib/keystone b/lib/keystone
index 5fcd018..69fba0f 100644
--- a/lib/keystone
+++ b/lib/keystone

@@ -41,6 +41,10 @@
 
 KEYSTONECLIENT_DIR=$DEST/python-keystoneclient
 
+# Set up additional extensions, such as oauth1, federation
+# Example of KEYSTONE_EXTENSIONS=oauth1,federation
+KEYSTONE_EXTENSIONS=${KEYSTONE_EXTENSIONS:-}
+
 # Select the backend for Keystone's service catalog
 KEYSTONE_CATALOG_BACKEND=${KEYSTONE_CATALOG_BACKEND:-sql}
 KEYSTONE_CATALOG=$KEYSTONE_CONF_DIR/default_catalog.templates
@@ -153,6 +157,8 @@
         KEYSTONE_PASTE_INI="$KEYSTONE_CONF"
     fi
 
+    configure_keystone_extensions
+
     # Rewrite stock ``keystone.conf``
 
     if is_service_enabled ldap; then
@@ -273,6 +279,25 @@
     fi
 }
 
+function configure_keystone_extensions {
+    # Add keystone extension into keystone v3 application pipeline
+    local extension_value
+    local api_v3
+    local extension
+    local api_v3_extension
+    for extension_value in ${KEYSTONE_EXTENSIONS//,/ }; do
+        if [[ -z "${extension_value}" ]]; then
+            continue
+        fi
+        api_v3=$(iniget $KEYSTONE_PASTE_INI pipeline:api_v3 pipeline)
+        extension=$(echo $api_v3 | sed -ne "/${extension_value}/ p;" )
+        if [[ -z $extension ]]; then
+            api_v3_extension=$(echo $api_v3 | sed -ne "s/service_v3/${extension_value}_extension service_v3/p;" )
+            iniset $KEYSTONE_PASTE_INI pipeline:api_v3 pipeline "$api_v3_extension"
+        fi
+    done
+}
+
 # create_keystone_accounts() - Sets up common required keystone accounts
 
 # Tenant               User       Roles
@@ -386,6 +411,14 @@
     # Initialize keystone database
     $KEYSTONE_DIR/bin/keystone-manage db_sync
 
+    local extension_value
+    for extension_value in ${KEYSTONE_EXTENSIONS//,/ }; do
+        if [[ -z "${extension_value}" ]]; then
+            continue
+        fi
+        $KEYSTONE_DIR/bin/keystone-manage db_sync --extension "${extension_value}"
+    done
+
     if [[ "$KEYSTONE_TOKEN_FORMAT" != "uuid" ]]; then
         # Set up certificates
         rm -rf $KEYSTONE_CONF_DIR/ssl